1   /*
2    * Copyright 2018 the original author or authors.
3    *
4    *  Licensed under the Apache License, Version 2.0 (the "License");
5    *  you may not use this file except in compliance with the License.
6    *  You may obtain a copy of the License at
7    *
8    *         http://www.apache.org/licenses/LICENSE-2.0
9    *
10   *  Unless required by applicable law or agreed to in writing, software
11   *  distributed under the License is distributed on an "AS IS" BASIS,
12   *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   *  See the License for the specific language governing permissions and
14   *  limitations under the License.
15   */
16  
17  package org.openehealth.ipf.platform.camel.ihe.fhir.core.intercept.consumer;
18  
19  import org.apache.camel.Exchange;
20  import org.openehealth.ipf.commons.ihe.core.atna.AuditDataset;
21  import org.openehealth.ipf.commons.ihe.fhir.Constants;
22  import org.slf4j.Logger;
23  import org.slf4j.LoggerFactory;
24  
25  import javax.naming.ldap.LdapName;
26  import javax.naming.ldap.Rdn;
27  import javax.security.cert.X509Certificate;
28  import java.security.Principal;
29  
30  /**
31   * @author Christian Ohr
32   */
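public abstract class AuditInterceptorUtils {

    private static final Logger LOG = LoggerFactory.getLogger(AuditInterceptorUtils.class);

    /**
     * Copies the common name (CN) of the client certificate's subject into the audit
     * dataset as its source user name.
     * <p>
     * The certificates are read from the {@link Constants#HTTP_X509_CERTIFICATES} header of
     * the exchange's in-message. Only the first array element is inspected. This method does
     * not validate the certificate or its chain; it only parses the subject DN, so the value
     * written to the audit record is only as trustworthy as whatever populated the header.
     * <p>
     * Extraction is best-effort: if the header is absent, empty, of an unexpected type, or
     * the subject cannot be parsed, the audit dataset is left untouched and no exception is
     * propagated to the caller.
     *
     * @param exchange     exchange whose in-message may carry the client certificates
     * @param auditDataset audit dataset that receives the CN via {@code setSourceUserName}
     */
    public static void extractClientCertificateCommonName(Exchange exchange, AuditDataset auditDataset) {
        Object header = exchange.getIn().getHeader(Constants.HTTP_X509_CERTIFICATES);
        if (header == null) {
            return;
        }
        // Check the runtime type before casting. An unchecked cast here would sit outside the
        // try block, so a header of a different type would fail the caller with a
        // ClassCastException.
        // NOTE(review): javax.security.cert is a deprecated API; confirm which certificate
        // class the component that sets this header actually uses.
        if (!(header instanceof X509Certificate[])) {
            LOG.info("Could not extract CN from client certificate: unexpected header type {}",
                    header.getClass().getName());
            return;
        }
        X509Certificate[] certificates = (X509Certificate[]) header;
        if (certificates.length == 0) {
            return;
        }
        try {
            // Only the first certificate in the array is considered.
            // NOTE(review): presumably this is the client's own (leaf) certificate - confirm
            // the ordering guaranteed by whatever sets the header.
            X509Certificate certificate = certificates[0];
            Principal principal = certificate.getSubjectDN();
            String dn = principal.getName();
            LdapName ldapDN = new LdapName(dn);
            // LdapName numbers RDNs starting from the right-most one (index 0), so this loop
            // takes the first CN found when scanning from the right-hand end of the DN string.
            // NOTE(review): for a subject holding more than one CN this may not be the most
            // specific one - confirm which CN the audit record is meant to carry.
            for (Rdn rdn : ldapDN.getRdns()) {
                if (rdn.getType().equalsIgnoreCase("CN")) {
                    // A non-String (binary) value makes the cast throw; that lands in the
                    // catch below and leaves the audit dataset unchanged.
                    auditDataset.setSourceUserName((String) rdn.getValue());
                    break;
                }
            }
        } catch (Exception e) {
            // Deliberately broad: a failure to enrich the audit record must not break
            // processing of the exchange.
            LOG.info("Could not extract CN from client certificate", e);
        }
    }
}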